E-Mail Block EXE's?

[bpiedlow]

Well not sure really how to respond...

If it was any type of company besides an ISP - I'd definatly say that its a good idea. As an ISP though, some end users may consider it a 'problem' and even go so far as deciding to not use that ISP for that reason alone...

Again, if not and ISP, it would be a good idea - in my opinion... A couple years ago we started filtering out all exe, bat, scr, doc, vbs, and probably a few others. For the first couple weeks we had people questioning it and complaining. But since then we've gone from an average of 1 virii infection per month to now running 18plus months without a single infection...

The main thing to make sure, if you do filter them out, is to only filter out the attachment and leave the email intact, preferably with a note/comment added to it stating that the attachment was removed. That way people still get all their messages, and they are alerted to attachments being removed - so that they know about it should they need to find another way to transfer it...

RRP

[gamernewbie]

You should always tell them that overall they are responsible for the upkeep of their computers. So yes always encourage an up to date antivirus and a firewall. That would be something good though you don't delete the emails just send them to a different folder so they are aware that they need to be careful when they open it. But let them know that it went there because if it gets deleted as a false positive for spam then your ISP is in trouble when someone in a business decides they are sending attachments. Trust me it happens you get some bigshot that doesn't know his a$$hole from a hole in the ground complaining but doesn't know what he did or didn't read the whole thing.

[r8devil]

bpiedlow's idea is quite good as my company uses the same method to block attachment that we consider unsafe. The attachment is removed but the mail goes thru without the attachment but with a note informing the user what has happened and this doesnt alarm the user too much bcod they know whats happening and can find some other way to get the transfer done. But for an ISP this might not work as there are lots of dumbass users out there who are gonna complain and bitch about it and they are gonna flood your helpdesk with calls. All depends on what you would rather have: people complaining that their attachments are not going thru or people complaining that their system is infected by viruses. Its something for higher managemtn to decide cos it all depends on which one you would consider would waste more resources trying to solve and explain to the user.

Moving it into a spam folder with an indication that the mail might be infected leaves it up to the user. Its much easier to explain this way.

[Palemoon]

Just checking on the thread. Again the ISP function is the transport layer, nothing more or less just like a dial tone on the phone. When was the last time your Telephone Company took it upon them selves to cut those pesky telemarketers? Why should an ISP take on this role? An ISP would have happy campers if they did not sell that same transport layer to like the telephone company Marketers it makes them $$. So lets look then at the problem the two lates blended threats Mimail and Blaster, only 50% of the problem was caused by email, and checking known facts Mimail was and is being developed by someone working on viral marketing next release expected soon. The second exploit needed no response (Blaster from the user) no patch they became infected, and I feel again this has someting to do with money and programs to market something. Blaster looked for a web site to download other things and what better deversion then a DDOS attack on M$ but it looking at the code could have been the latest virgra replacement company.

So blocking an EXE is not going to do squat in todays online world as long as M$ with 90% of all Desktops and all their flaws reside and are Marketed as "Trustworthy Computing" change. I manage a small network of 6 servers and about 50 users for a business. M$ says it's my fault for not deploying their patches fast enough it was out since blah....blah...blah... Ok fine M$ in a work a day world I cannot re-boot all my servers at 8:00 AM or what ever I become aware and installed the patch on the servers let alone the 50 users workstations the patch needs to be deployed upon. Business is about time, billable time as with an ISP. As an ISP offer the tools Firewalls, Virus scanners and make their install if you want the connect must be installed by default. As an ISP you must then not give to M$ but demand payment for the cost of deploying all their patches to your clients of their swiss cheese O$.

Blocking an EXE is not an answer it begs to ask why as an ISP must we do this thing, why is a product marketed like M$ and the WEB as safe then truth in Advertising says not to misslead people yet M$ and Bill are perhaps the best Marketers of false claims? OOPS (Object Orientiated Programing S*!..stuff)

But M$ what you get is not whats sold, Business people have had enough as should an ISP!

OOPS just venting!

Peace